HTTP_RAW_POST_DATA BC fixes

# hopefully all done, commiting anyway to continue work on my home box php://input stream fixes (POST data handerl mangles data, CLI crashbug)
2024-09-21 18:07:23 +00:00 · 2002-11-12 18:29:11 +00:00 · 2002-11-12 18:29:11 +00:00 · be5e379ec6
commit be5e379ec6
parent ef7bd02688
4 changed files with 39 additions and 23 deletions
--- a/ext/standard/php_fopen_wrapper.c
+++ b/ext/standard/php_fopen_wrapper.c
@ -75,22 +75,24 @@ static size_t php_stream_input_read(php_stream *stream, char *buf, size_t count
 {
 	size_t read_bytes = 0;
 	if(!stream->eof) {
-		if(SG(request_info).post_data) { /* data has already been read by a post handler */
-			read_bytes = SG(request_info).post_data_length - stream->position;
+		if(SG(request_info).raw_post_data) { /* data has already been read by a post handler */
+			read_bytes = SG(request_info).raw_post_data_length - stream->position;
 			if(read_bytes <= count) {
 				stream->eof = 1;
 			} else {
 				read_bytes = count;
 			}
 			if(read_bytes) {
-				memcpy(buf, SG(request_info).post_data + stream->position, read_bytes);
+				memcpy(buf, SG(request_info).raw_post_data + stream->position, read_bytes);
 			}
-		} else {
+		} else if(sapi_module.read_post) {
 			read_bytes = sapi_module.read_post(buf, count TSRMLS_CC);
 			if(read_bytes <= 0){
 				stream->eof = 1;
 				read_bytes = 0;
 			}
+		} else {
+			stream->eof = 1;
 		}
 	}

@ -133,7 +135,7 @@ php_stream * php_stream_url_wrap_php(php_stream_wrapper *wrapper, char *path, ch
 	
 	if (!strcasecmp(path, "input")) {
 		return php_stream_alloc(&php_stream_input_ops, NULL, 0, "rb");
-	}
+	}  
 	
 	if (!strcasecmp(path, "stdin")) {
 		fp = fdopen(dup(STDIN_FILENO), mode);
--- a/main/SAPI.c
+++ b/main/SAPI.c
@ -174,7 +174,7 @@ static void sapi_read_post_data(TSRMLS_D)
 		post_reader_func(TSRMLS_C);
 	}

-	if(PG(always_populate_raw_post_data) && sapi_module.default_post_reader) {
+	if(sapi_module.default_post_reader) {
 		sapi_module.default_post_reader(TSRMLS_C);
 	}
 }
@ -294,6 +294,7 @@ SAPI_API void sapi_activate(TSRMLS_D)
 	SG(headers_sent) = 0;
 	SG(read_post_bytes) = 0;
 	SG(request_info).post_data = NULL;
+	SG(request_info).raw_post_data = NULL;
 	SG(request_info).current_user = NULL;
 	SG(request_info).current_user_length = 0;
 	SG(request_info).no_headers = 0;
@ -355,13 +356,16 @@ SAPI_API void sapi_deactivate(TSRMLS_D)
 		efree(SG(request_info).post_data);
 	}  else 	if (SG(server_context)) {
 		if(sapi_module.read_post) { 
-			// make sure we've consumed all request input data
+			/* make sure we've consumed all request input data */
 			char dummy[SAPI_POST_BLOCK_SIZE];
 			while(sapi_module.read_post(dummy, sizeof(dummy)-1 TSRMLS_CC) > 0) {
 				/* empty loop body */
 			}
 		}
 	}
+	if (SG(request_info).raw_post_data) {
+		efree(SG(request_info).raw_post_data);
+	} 
 	if (SG(request_info).auth_user) {
 		efree(SG(request_info).auth_user);
 	}
--- a/main/SAPI.h
+++ b/main/SAPI.h
@ -71,10 +71,10 @@ extern SAPI_API sapi_module_struct sapi_module;  /* true global */
 typedef struct {
 	const char *request_method;
 	char *query_string;
-	char *post_data;
+	char *post_data, *raw_post_data;
 	char *cookie_data;
 	long content_length;
-	uint post_data_length;
+	uint post_data_length, raw_post_data_length;

 	char *path_translated;
 	char *request_uri;
--- a/main/php_content_types.c
+++ b/main/php_content_types.c
@ -38,25 +38,35 @@ static sapi_post_entry php_post_entries[] = {
 SAPI_API SAPI_POST_READER_FUNC(php_default_post_reader)
 {
 	char *data = NULL;
+	int length = 0;

-	if(PG(always_populate_raw_post_data)) {
-		if(NULL == SG(request_info).post_data) { /* no data yet */
-			if(NULL == SG(request_info).post_entry) {
-				/* no post handler registered, so we just swallow the data */
-				sapi_read_standard_form_data(TSRMLS_C);
-				data = SG(request_info).post_data;
-				SG(request_info).post_data = NULL;
-				SG(request_info).post_data_length = 0;
-			}
-		} else {
-			/* copy existing post data */
-			data = estrndup(SG(request_info).post_data, SG(request_info).post_data_length);
+	// $HTTP_RAW_POST_DATA registration
+	if(!strcmp(SG(request_info).request_method, "POST")) {
+		if(NULL == SG(request_info).post_entry) {
+			/* no post handler registered, so we just swallow the data */
+			sapi_read_standard_form_data(TSRMLS_C);
+			length = SG(request_info).post_data_length;
+			data = estrndup(SG(request_info).post_data, length);
+		} else if(PG(always_populate_raw_post_data) && SG(request_info).post_data) {
+			length = SG(request_info).post_data_length;
+			data = estrndup(SG(request_info).post_data, length);
 		}
-		
 		if(data) {
-			SET_VAR_STRINGL("HTTP_RAW_POST_DATA", data, SG(request_info).post_data_length);
+			SET_VAR_STRINGL("HTTP_RAW_POST_DATA", data, length);
 		}
 	}
+
+	/* for php://input stream:
+	 some post handlers modify the content of request_info.post_data
+	 so for now we need a copy for the php://input stream
+	 in the long run post handlers should be changed to not touch
+	 request_info.post_data for memory preservation reasons
+	*/
+	if(SG(request_info).post_data) {
+		SG(request_info).raw_post_data = estrndup(SG(request_info).post_data, SG(request_info).post_data_length);
+		SG(request_info).raw_post_data_length = SG(request_info).post_data_length;
+	}
+
 }
 /* }}} */